Computer Security
From Basics to Pro Hacker
Introduction
Basic protection for Dummies
Virus!!
Spyware
A program that monitors your actions. While they are sometimes
like a remote control program used by a hacker, software
companies to gather data about customers. The practice is
generally frowned upon.
Definition from: BlackICE Internet Security Systems -
http://blackice.iss.net/glossary.php
Definition from: Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
Symptoms
Spyware-Network
Overview
• Push
• Advertising
• Pull
• Tracking
• Personal data
Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.
Hackers
The Attitude to the Infinity
What is a Hacker?
• It’s about technical adeptness and taking delight in
solving problems and overcoming limits.
Attitude is no substitute
for competence.
• To be a hacker, you have to develop some of these
attitudes. But copying an attitude alone won't make you
a hacker. Becoming a hacker will take intelligence,
practice, dedication, and hard work.
Class of Hackers
• Black hats
Individuals with extraordinary computing skills, resorting to
malicious or destructive activities. Also known as ‘Crackers.’
• Gray Hats
Individuals who work both offensively and defensively at
various times.
• White Hats
Individuals professing hacker skills and using them for
defensive purposes. Also known as ‘Security Analysts’.
• Script Kiddies
Person, normally … not technologically sophisticated,
who randomly seeks out a specific weakness over the
internet to gain root access to a system without really
understanding what he is exploiting because the
weakness was discovered by someone else.
• Phreak
Person who breaks into … telecommunications systems.
• Ethical Hacker
May be independent or may be a group of consultants.
Claims to be knowledgeable about black hat activities.
Responsibility of Hackers
Hacking
The Professionalism
Cross-site scripting
SQL injection
• Unvalidated input: “SQL Injection” example
username = admin
password = anything' OR 'x'='x
• Original Query
SELECT count(*) FROM userinfo WHERE name='@username'
and pass='@password'
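The slide's query and password value, run against a throwaway in-memory database, next to the parameterized form that closes the hole. This is an added example, not part of the original slides; the sqlite3 backend, the function names and the stored password are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """In-memory table shaped like the slide's `userinfo` (constructed data).
    The plaintext `pass` column mirrors the slide; real systems store hashes."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE userinfo (name TEXT, pass TEXT)")
    db.execute("INSERT INTO userinfo VALUES ('admin', 's3cret-constructed')")
    return db

def login_concatenated(db, username, password):
    """The slide's original query: user input is pasted into the SQL text,
    so a quote in the input changes the structure of the statement."""
    sql = ("SELECT count(*) FROM userinfo WHERE name='" + username +
           "' and pass='" + password + "'")
    return sql, db.execute(sql).fetchone()[0] > 0

def login_parameterized(db, username, password):
    """Same check with bound parameters: the driver passes the input as
    data, so it can never become SQL syntax."""
    sql = "SELECT count(*) FROM userinfo WHERE name=? and pass=?"
    return db.execute(sql, (username, password)).fetchone()[0] > 0

if __name__ == "__main__":
    db = make_db()
    slide_password = "anything' OR 'x'='x"   # value shown on the slide

    sql, accepted = login_concatenated(db, "admin", slide_password)
    # AND binds tighter than OR, so the WHERE clause reads
    # (name='admin' and pass='anything') OR 'x'='x' and matches every row.
    print("query sent:   ", sql)
    print("concatenated: ", accepted)

    print("parameterized:", login_parameterized(db, "admin", slide_password))
    print("real password:", login_parameterized(db, "admin", "s3cret-constructed"))
```
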
Phases Involved in
Ethical Hacking
• Footprinting
• Scanning
• Enumeration
• Gaining Access
• Escalating privilege
• Pilfering
• Covering tracks
• Creating back doors
• Denial of service
Footprinting
• Objective
Gathering the target address range, namespace acquisition, and other
information essential for an attack.
• Techniques
Domain name lookup
Whois
Nslookup
Sam Spade
ARIN (American Registry for Internet Numbers)
Scanning
• Objective
Bulk target assessment and identification of listening services focuses
the attacker’s attention on the most promising avenues of entry.
• Techniques
Ping sweep
TCP/UDP port scan
OS Detection
Enumeration
• Objective
More intrusive probing now begins as attackers begin identifying valid
user accounts or poorly protected resource shares
• Techniques
List user accounts
List file shares
Identify applications
Gaining Access
• Objective
Enough data has been gathered at this point to make an informed
attempt to access the target
• Techniques
Password eavesdropping
File share brute forcing
Password file grab
Buffer overflows
Pilfering
• Objective
The information gathering process begins again to identify
mechanisms to gain access to trusted systems
• Techniques
Elevate trusts
Search for cleartext passwords
Covering Tracks
• Objective
Once total ownership of the target is secured, hiding this fact from
system administrators becomes paramount, lest they quickly end the
romp
• Techniques
Clear logs
Hide tools
Denial of Service
• Objective
If an attacker is unsuccessful in gaining access, they may use readily
available exploit code to disable a target as a last resort
• Techniques
SYN flood
ICMP techniques
Identical SYN requests
Overlapping fragment/offset bugs
Out of bounds TCP options (OOB)
DDoS
Finally
There is always more to learn, like evading
IDS, firewalls, honeypots, buffer overflows,
cryptography, sniffers, and the protective
measures to be taken to defend against all
these. But it’s time for me to leave you on
your own, to take up the responsibility and
learn it yourself if you are passionate
enough to pursue all this.
Thank You
Questions??
Bibliography / Links
• [0] “A Brief History of Hackerdom” - http://catb.org/~esr/writings/hacker-history/hacker-history.html
• [1] "Spyware" Definition - BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php
• [2] "Trojan Horse" Definition – Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
• [3] Zeinalipour-Yazti, D. “Exploiting the Security Weaknesses of the Gnutella Protocol”, University of California.
• [4] Joshi, R. “Network Security Applications”, Merchantile Communications, CANIT Conference 2003.
• [5] CERT Advisory CA-1999-02 http://www.cert.org/advisories/CA-1999-02.html
• [6] Spyware Guide – http://www.spyware-guide.com
• [7] Trojan Horses - http://www.mpsmits.com/highlights/trojan_horses.shtml
• [8] Trojan Horse - Back Orifice - http://www.nwinternet.com/~pchelp/bo/bo.html
• [9] NetBus - http://www.nwinternet.com/~pchelp/nb/netbus.htm
• [10] BBC News - http://news.bbc.co.uk/1/hi/technology/3153229.stm
• [11] Wired News – “Judge takes bite out of Gator” www.wired.com/news/politics/0,1283,53875,00.html
• [12] Tracking Cookies – Demonstration at http://www.irt.org/instant/chapter10/tracker/index4.htm
• [13] BonziBuddy - http://www.bonzi.com/bonzibuddy/bonzibuddyfreehom.asp
• [14] Unwanted Links (Spyware) – http://www.unwantedlinks.com
• [15] Anderson, R. "Security Engineering", First Edition, J. Wiley and Sons, 2001.
• [16] Scacchi, W. “Privacy and Other Social Issues”, Addison-Wesley, 2003. – http://www.ics.uci.edu/~wscacchi/Tech-EC/Security+Privacy/Privacy.ppt